[grsec] Problem with 2.4.33.3 and grsec 2.1.9
Torbjörn Svensson
azoff at se.linux.org
Sun Oct 8 04:25:19 EDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi again!
Sorry for the delay..
pageexec at freemail.hu wrote:
> On 12 Sep 2006 at 8:14, Torbjörn Svensson wrote:
>
>> CONFIG_GRKERNSEC_PAX_MEMORY_SANITIZE=y
>> CONFIG_GRKERNSEC_PAX_MEMORY_UDEREF=y
>>
>> Shall I test a kernel with both these options disabled or just one of them?
>
> yes, all combinations preferably. also, if you have (remote) console
> access/logging, it'd be nice to capture anything that's printed before
> the system crashes/reboots. the thing is, if any of the above causes
> a kernel crash, there's some likelihood that the underlying problem
> is in the kernel itself, not these features (as they detect/forbid
> unsafe actions that would normally go unnoticed).
I have now tested to have these two options disabled but still it did a
mysterical reboot this morning after an uptime of little more than 10
days. I have also added support for software raid, but I guess that
shouldn't matter. My testrun with bot those options enabled did only
last for almost 4 days, so I think it's possible that these two reboots
are caused by the same trigger.
I do also lack of any console access :-( Maybe I shall invest in a null
modem cable.
Both times, there haven't been anything logged so, I think I'm pretty
stuck with this until 2.4.34 gets out or at least a new grsec patch.
I am willing to help you test it.
Regards.
- --
.''`. Torbjörn Svensson, azoff (at) se (dot) linux (dot) org
: :' : 7EB9 2DC5 61AE DAB5 7099 BAC6 798E E39A DBDB 0CFD
`. `' http://www.azoff.se | http://dev.azoff.se
`-- http://se.linux.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFKLXueY7jmtvbDP0RAh+8AKC1AY43BL3dINatb6AKYxU18q07wQCfcCHv
modKo1+WDE76PAsIe4ptSlk=
=K78i
-----END PGP SIGNATURE-----
More information about the grsecurity
mailing list